0
0
Fork 1
mirror of https://mau.dev/maunium/synapse.git synced 2024-12-14 18:03:53 +01:00

Minor tweaks to acme docs (#4689)

This commit is contained in:
Richard van der Hoff 2019-02-22 10:56:42 +00:00 committed by GitHub
parent 0abb094f1a
commit fcd6f01dc7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 10 additions and 10 deletions

1
changelog.d/4689.misc Normal file
View file

@ -0,0 +1 @@
Minor tweaks to acme docs.

View file

@ -12,11 +12,12 @@ In the case that your `server_name` config variable is the same as
the hostname that the client connects to, then the same certificate can be
used between client and federation ports without issue.
For a sample configuration, please inspect the new ACME section in the example
generated config by running the `generate-config` executable. For example:
If your configuration file does not already have an `acme` section, you can
generate an example config by running the `generate_config` executable. For
example:
```
~/synapse/env3/bin/generate-config
~/synapse/env3/bin/generate_config
```
You will need to provide Let's Encrypt (or another ACME provider) access to
@ -27,10 +28,9 @@ like `authbind` to allow Synapse to listen on port 80 without root access.
(Do not run Synapse with root permissions!) Detailed instructions are
available under "ACME setup" below.
If you are already using self-signed certificates, you will need to back up
or delete them (files `example.com.tls.crt` and `example.com.tls.key` in
Synapse's root directory), Synapse's ACME implementation will not overwrite
them.
If you already have certificates, you will need to back up or delete them
(files `example.com.tls.crt` and `example.com.tls.key` in Synapse's root
directory), Synapse's ACME implementation will not overwrite them.
You may wish to use alternate methods such as Certbot to obtain a certificate
from Let's Encrypt, depending on your server configuration. Of course, if you
@ -87,7 +87,6 @@ acme:
port: 8009
```
#### Authbind
`authbind` allows a program which does not run as root to bind to